How a company can survive a personal data breach

It’s happened; your worst fears have come true. Your company has suffered a personal data breach. And it’s major. This is not an employee leaving a USB stick on a bus; your company has been hacked. Personal information that is core to your business is compromised. Lots of it. Your IT team is struggling to work out precisely what has happened. You may receive a ransom demand from the hackers.

You are responsible for your company’s data protection compliance and your company is panicking. What do you do?

This article answers some of the practical questions you will face within the first hours of a personal data breach. These are questions that every in-house data protection team, legal team and general counsel will be expected to have answers to immediately. They may not necessarily be questions you have thought about during your General Data Protection Regulation (‘GDPR’) planning.